Spam is the bane of my existence. Just when you think you have it under control, some guy calls in irate about the 10 spam messages out of 1000 that got through that day. Even though I know that I'll never hit 100% effectiveness, I'm reworking my spam filters in the hope of getting closer than ever. If you know anything about creating a Linux spam filter feel free to post since new ideas are definitely appreciated.
I'm going with Exim again since it gives you control of pretty much every part of a mail transaction and because it can reject Email at SMTP time before the server has had to store a copy of it. I'm going to stay high level and not go into the actual settings in exim, but here are the basics.
During the initial HELO I'll introduce a 20 second delay. Since spammers have to send email to so many people, many use mailers that will drop a connection if they don't hear back from the recipient mail server within a few seconds.
When the sending server tells me who the message is to, I double check that that user is on the mail server I am filtering for. If it isn't then I drop the connection with an "Invalid Recipt To" error.
If the user is one I am hosting, I check to make sure that the sending server has a reverse DNS record.
If the user has reverse DNS then we'll let the server send us email.
As the email begins to come in we check to make sure that it doesn't have invalid MIME headers since many emails sent through spammed web forms have this problem.
Once I've confirmed the email is properly formatted, I check it for viruses using clamAV. If it has a virus I delete it.
After clamAV has run Exim will run it through SpamAssassin. SpamAssassin runs a series of tests that check for phrases, spelling, and formatting common to spam. The more tests that spamassassin scores positive on the higher the score that spamassassin will assign to the message. If the message scores very high, we'll discard it. If not we'll label it and send it to the person that it is meant for.
Thursday, December 13, 2007
How to pick a web host
I've dealt with enough angry web hosting customers coming to us after being with another web host to know that when you pick a web host, going with the cheapest option isn't always your best choice. There's a good article at www.pickingawebhost.com that discusses what you need you to do when picking a host, but here's the long and the short of it. When you're picking a web host remember the cardinal rule that guides buying anything. You get what you pay for. If you're the kind of person who is good at figuring things out on their own, then feel free to pick a cheap plan as long as you're site isn't generating much revenue. If, however, you don't have the time or expertise you need to get through any problems you might have on your own, or if you are generating enough revenue that you can't tolerate much if any downtime to your site, make sure that you pay a little extra money and get a hosting plan that offers good support. There are tons of hosting companies out there but your best bet for getting good support is to go with a medium sized hosting company that charges a descent rate. Remeber that companies that charge very low rates can do so because they automate everything. Anytime they have to talk to you they're losing money. This is not to say that the big hosting companies don't offer good support. You just need to make sure that they offer the type of support you need.
Lets Get this Show on the Road
Well here I go on my first journey into blogland. I work full time in the web hosting industry, it's a high stress job so I figured blogging would give me a way to blow off some steam and maybe add some of what I've learned to the internet community as a whole. So if you're actually bored enough to ever stop by this site, hopefully I'll have a little useful content up soon.
Subscribe to:
Posts (Atom)